On Thu, Nov 3, 2016 at 12:50 AM, Andrew David Wong <a...@qubes-os.org> wrote:
> So, the fact that you're allowed to see your screen content from yesterday
> doesn't constitute any violation of the security model. You're still the same
> trusted user as you were yesterday. (If I've misunderstood your concern,
> please let me know.)

This is concerning from the perspective of one who expects a lock screen to protect the confidentiality of your activities from untrusted people who may temporarily have limited access to your machine while it is locked.

But perhaps more seriously, if I understand the report correctly, this also suggests to me the potential existence of some code path which renders stale content from untrusted appvms in a full-screen undecorated context? If that is true, and if it is reliably triggerable from an appvm, then this would be a useful tool for one attempting to trick a user with fake UI.

This is purely theoretical, and standard mitigations apply as normal (e.g. trusted window-manager actions to differentiate true windows) but this still does cause some concern.